Diffstat (limited to 'src/charon/config/backends')
-rw-r--r-- | src/charon/config/backends/backend.h | 105 | ||||
-rw-r--r-- | src/charon/config/backends/local_backend.c | 322 | ||||
-rw-r--r-- | src/charon/config/backends/local_backend.h | 60 | ||||
-rw-r--r-- | src/charon/config/backends/sqlite_backend.c | 309 | ||||
-rw-r--r-- | src/charon/config/backends/sqlite_backend.h | 58 | ||||
-rw-r--r-- | src/charon/config/backends/writeable_backend.h | 64 |
6 files changed, 0 insertions, 918 deletions
diff --git a/src/charon/config/backends/backend.h b/src/charon/config/backends/backend.h
deleted file mode 100644
index 592d1dd4c..000000000
--- a/src/charon/config/backends/backend.h
+++ /dev/null
@@ -1,105 +0,0 @@
-/**
- * @file backend.h
- *
- * @brief Interface backend_t.
- *
- */
-
-/*
- * Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef BACKEND_H_
-#define BACKEND_H_
-
-typedef struct backend_t backend_t;
-
-#include <library.h>
-#include <config/ike_cfg.h>
-#include <config/peer_cfg.h>
-#include <utils/linked_list.h>
-
-/**
- * @brief The interface for a configuration backend.
- *
- * A configuration backend is loaded by the backend_manager. It does the actual
- * configuration lookup for the method it implements. See backend_manager_t for
- * more information.
- *
- * @b Constructors:
- * - implementations constructors
- *
- * @ingroup backends
- */
-struct backend_t {
-
- /**
- * @brief Get an ike_cfg identified by two hosts.
- *
- * @param this calling object
- * @param my_host address of own host
- * @param other_host address of remote host
- * @return matching ike_config, or NULL if none found
- */
- ike_cfg_t *(*get_ike_cfg)(backend_t *this,
- host_t *my_host, host_t *other_host);
-
- /**
- * @brief Get a peer_cfg identified by two IDs.
- *
- * Select a config based on the two IDs and the other's certificate issuer
- *
- * @param this calling object
- * @param my_id own ID
- * @param other_id peer ID
- * @param other_ca_info info record on issuer of peer certificate
- * @return matching peer_config, or NULL if none found
- */
- peer_cfg_t *(*get_peer_cfg)(backend_t *this,
- identification_t *my_id, identification_t *other_id,
- ca_info_t *other_ca_info);
-
- /**
- * @brief Get a peer_cfg identified by it's name, or a name of its child.
- *
- * @param this calling object
- * @param name
- * @return matching peer_config, or NULL if none found
- */
- peer_cfg_t *(*get_peer_cfg_by_name)(backend_t *this, char *name);
-
- /**
- * @brief Check if a backend is writable and implements writable_backend_t.
- *
- * @param this calling object
- * @return TRUE if backend implements writable_backend_t.
- */
- bool (*is_writeable)(backend_t *this);
-
- /**
- * @brief Destroy a backend.
- *
- * @param this calling object
- */
- void (*destroy)(backend_t *this);
-};
-
-
-/**
- * Construction to create a backend.
- */
-typedef backend_t*(*backend_constructor_t)(void);
-
-#endif /* BACKEND_H_ */
-
diff --git a/src/charon/config/backends/local_backend.c b/src/charon/config/backends/local_backend.c
deleted file mode 100644
index e04c72ac1..000000000
--- a/src/charon/config/backends/local_backend.c
+++ /dev/null
@@ -1,322 +0,0 @@
-/**
- * @file local_backend.c
- *
- * @brief Implementation of local_backend_t.
- *
- */
-
-/*
- * Copyright (C) 2006 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <string.h>
-
-#include "local_backend.h"
-
-#include <daemon.h>
-#include <utils/linked_list.h>
-#include <crypto/ca.h>
-
-
-typedef struct private_local_backend_t private_local_backend_t;
-
-/**
- * Private data of an local_backend_t object
- */
-struct private_local_backend_t {
-
- /**
- * Public part
- */
- local_backend_t public;
-
- /**
- * list of configs
- */
- linked_list_t *cfgs;
-
- /**
- * Mutex to exclusivly access list
- */
- pthread_mutex_t mutex;
-};
-
-/**
- * implements backen_t.get_ike_cfg.
- */
-static ike_cfg_t *get_ike_cfg(private_local_backend_t *this,
- host_t *my_host, host_t *other_host)
-{
- peer_cfg_t *peer;
- ike_cfg_t *current, *found = NULL;
- iterator_t *iterator;
- host_t *my_candidate, *other_candidate;
- enum {
- MATCH_NONE = 0x00,
- MATCH_ANY = 0x01,
- MATCH_ME = 0x04,
- MATCH_OTHER = 0x08,
- } prio, best = MATCH_ANY;
-
- DBG2(DBG_CFG, "looking for a config for %H...%H",
- my_host, other_host);
-
- iterator = this->cfgs->create_iterator_locked(this->cfgs, &this->mutex);
- while (iterator->iterate(iterator, (void**)&peer))
- {
- prio = MATCH_NONE;
- current = peer->get_ike_cfg(peer);
- my_candidate = current->get_my_host(current);
- other_candidate = current->get_other_host(current);
-
- if (my_candidate->ip_equals(my_candidate, my_host))
- {
- prio += MATCH_ME;
- }
- else if (my_candidate->is_anyaddr(my_candidate))
- {
- prio += MATCH_ANY;
- }
-
- if (other_candidate->ip_equals(other_candidate, other_host))
- {
- prio += MATCH_OTHER;
- }
- else if (other_candidate->is_anyaddr(other_candidate))
- {
- prio += MATCH_ANY;
- }
-
- DBG2(DBG_CFG, " candidate '%s': %H...%H, prio %d",
- peer->get_name(peer), my_candidate, other_candidate, prio);
-
- /* we require at least two MATCH_ANY */
- if (prio > best)
- {
- best = prio;
- found = current;
- }
- }
- if (found)
- {
- found->get_ref(found);
- }
- iterator->destroy(iterator);
- return found;
-}
-
-#define PRIO_NO_MATCH_FOUND 256
-
-/**
- * implements backend_t.get_peer.
- */
-static peer_cfg_t *get_peer_cfg(private_local_backend_t *this,
- identification_t *my_id, identification_t *other_id,
- ca_info_t *other_ca_info)
-{
- peer_cfg_t *current, *found = NULL;
- iterator_t *iterator;
- identification_t *my_candidate, *other_candidate;
- int best = PRIO_NO_MATCH_FOUND;
-
- DBG2(DBG_CFG, "looking for a config for %D...%D", my_id, other_id);
-
- iterator = this->cfgs->create_iterator_locked(this->cfgs, &this->mutex);
- while (iterator->iterate(iterator, (void**)¤t))
- {
- int wc1, wc2;
-
- my_candidate = current->get_my_id(current);
- other_candidate = current->get_other_id(current);
-
- if (my_candidate->matches(my_candidate, my_id, &wc1)
- && other_id->matches(other_id, other_candidate, &wc2))
- {
- int prio = (wc1 + wc2) * (MAX_CA_PATH_LEN + 1);
- int pathlen = 0;
- identification_t *other_candidate_ca = current->get_other_ca(current);
- linked_list_t *groups = current->get_groups(current);
-
- /* is a group membership required? */
- if (groups->get_count(groups) > 0)
- {
- DBG1(DBG_CFG, " group membership required");
- }
-
- /* are there any ca constraints? */
- if (other_candidate_ca->get_type(other_candidate_ca) != ID_ANY)
- {
- ca_info_t *ca_info = other_ca_info;
-
- for (pathlen = 0; pathlen < MAX_CA_PATH_LEN; pathlen++)
- {
- if (ca_info == NULL)
- {
- prio = PRIO_NO_MATCH_FOUND;
- break;
- }
- else
- {
- x509_t *cacert = ca_info->get_certificate(ca_info);
- identification_t *other_ca = cacert->get_subject(cacert);
-
- if (other_candidate_ca->equals(other_candidate_ca, other_ca))
- {
- /* found a ca match */
- break;
- }
- if (cacert->is_self_signed(cacert))
- {
- /* reached the root ca without a match */
- prio = PRIO_NO_MATCH_FOUND;
- break;
- }
- /* move a level upward in the trust path hierarchy */
- ca_info = charon->credentials->get_issuer(charon->credentials, cacert);
- }
- }
- if (pathlen == MAX_CA_PATH_LEN)
- {
- DBG1(DBG_CFG, "maximum ca path length of %d levels reached", MAX_CA_PATH_LEN);
- prio = PRIO_NO_MATCH_FOUND;
- }
- }
- if (prio == PRIO_NO_MATCH_FOUND)
- {
- DBG2(DBG_CFG, " candidate '%s': %D...%D, no ca match",
- current->get_name(current), my_candidate, other_candidate);
- }
- else
- {
- prio += pathlen;
- DBG2(DBG_CFG, " candidate '%s': %D...%D, prio %d",
- current->get_name(current), my_candidate, other_candidate, prio);
-
- if (prio < best)
- {
- found = current;
- best = prio;
- }
- }
- }
- }
- if (found)
- {
- DBG1(DBG_CFG, "found matching config \"%s\": %D...%D, prio %d",
- found->get_name(found),
- found->get_my_id(found),
- found->get_other_id(found),
- best);
- found->get_ref(found);
- }
- iterator->destroy(iterator);
- return found;
-}
-
-/**
- * implements backend_t.get_peer_cfg_by_name.
- */
-static peer_cfg_t *get_peer_cfg_by_name(private_local_backend_t *this, char *name)
-{
- iterator_t *i1, *i2;
- peer_cfg_t *current, *found = NULL;
- child_cfg_t *child;
-
- i1 = this->cfgs->create_iterator(this->cfgs, TRUE);
- while (i1->iterate(i1, (void**)¤t))
- {
- /* compare peer_cfgs name first */
- if (streq(current->get_name(current), name))
- {
- found = current;
- found->get_ref(found);
- break;
- }
- /* compare all child_cfg names otherwise */
- i2 = current->create_child_cfg_iterator(current);
- while (i2->iterate(i2, (void**)&child))
- {
- if (streq(child->get_name(child), name))
- {
- found = current;
- found->get_ref(found);
- break;
- }
- }
- i2->destroy(i2);
- if (found)
- {
- break;
- }
- }
- i1->destroy(i1);
- return found;
-}
-
-/**
- * Implementation of backend_t.is_writable.
- */
-static bool is_writeable(private_local_backend_t *this)
-{
- return TRUE;
-}
-
-/**
- * Implementation of writable_backend_t.create_iterator.
- */
-static iterator_t* create_iterator(private_local_backend_t *this)
-{
- return this->cfgs->create_iterator_locked(this->cfgs, &this->mutex);
-}
-
-/**
- * Implementation of writable_backend_t.add_peer_cfg.
- */
-static void add_cfg(private_local_backend_t *this, peer_cfg_t *config)
-{
- pthread_mutex_lock(&this->mutex);
- this->cfgs->insert_last(this->cfgs, config);
- pthread_mutex_unlock(&this->mutex);
-}
-
-/**
- * Implementation of backend_t.destroy.
- */
-static void destroy(private_local_backend_t *this)
-{
- this->cfgs->destroy_offset(this->cfgs, offsetof(peer_cfg_t, destroy));
- free(this);
-}
-
-/**
- * Described in header.
- */
-backend_t *backend_create(void)
-{
- private_local_backend_t *this = malloc_thing(private_local_backend_t);
-
- this->public.backend.backend.get_ike_cfg = (ike_cfg_t* (*)(backend_t*, host_t*, host_t*))get_ike_cfg;
- this->public.backend.backend.get_peer_cfg = (peer_cfg_t* (*)(backend_t*,identification_t*,identification_t*,ca_info_t*))get_peer_cfg;
- this->public.backend.backend.get_peer_cfg_by_name = (peer_cfg_t* (*)(backend_t*,char*))get_peer_cfg_by_name;
- this->public.backend.backend.is_writeable = (bool(*) (backend_t*))is_writeable;
- this->public.backend.backend.destroy = (void (*)(backend_t*))destroy;
- this->public.backend.create_iterator = (iterator_t* (*)(writeable_backend_t*))create_iterator;
- this->public.backend.add_cfg = (void (*)(writeable_backend_t*,peer_cfg_t*))add_cfg;
-
- /* private variables */
- this->cfgs = linked_list_create();
- pthread_mutex_init(&this->mutex, NULL);
-
- return &this->public.backend.backend;
-}
diff --git a/src/charon/config/backends/local_backend.h b/src/charon/config/backends/local_backend.h
deleted file mode 100644
index b33c6443b..000000000
--- a/src/charon/config/backends/local_backend.h
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * @file local_backend.h
- *
- * @brief Interface of local_backend_t.
- *
- */
-
-/*
- * Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef LOCAL_BACKEND_H_
-#define LOCAL_BACKEND_H_
-
-typedef struct local_backend_t local_backend_t;
-
-#include <library.h>
-#include <config/backends/writeable_backend.h>
-
-/**
- * @brief An in-memory backend to store configurations.
- *
- * The local_backend_t stores the configuration in a simple list. It
- * implements both, backend_t and writeable_backend_t.
- *
- * @b Constructors:
- * - local_backend_create()
- *
- * @ingroup backends
- */
-struct local_backend_t {
-
- /**
- * Implements writable_backend_t interface
- */
- writeable_backend_t backend;
-};
-
-/**
- * @brief Create a backend_t instance implemented as local backend.
- *
- * @return backend instance
- *
- * @ingroup backends
- */
-backend_t *backend_create(void);
-
-#endif /* LOCAL_BACKEND_H_ */
-
diff --git a/src/charon/config/backends/sqlite_backend.c b/src/charon/config/backends/sqlite_backend.c
deleted file mode 100644
index e1c96c870..000000000
--- a/src/charon/config/backends/sqlite_backend.c
+++ /dev/null
@@ -1,309 +0,0 @@ -/** - * @file sqlite_backend.c - * - * @brief Implementation of sqlite_backend_t. - * - */ - -/* - * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <string.h> -#include <sqlite3.h> - -#include "sqlite_backend.h" - -#include <daemon.h> - - -typedef struct private_sqlite_backend_t private_sqlite_backend_t; - -/** - * Private data of an sqlite_backend_t object - */ -struct private_sqlite_backend_t { - - /** - * Public part - */ - sqlite_backend_t public; - - /** - * SQLite database handle - */ - sqlite3 *db; -}; - -/** - * implements backen_t.get_ike_cfg. 
- */ -static ike_cfg_t *get_ike_cfg(private_sqlite_backend_t *this, - host_t *my_host, host_t *other_host) -{ - return NULL; -} - -/** - * add TS with child "id" to "child_cfg" - */ -static void add_ts(private_sqlite_backend_t *this, child_cfg_t *child_cfg, int id) -{ - sqlite3_stmt *stmt; - - if (sqlite3_prepare_v2(this->db, - "SELECT type, protocol, start_addr, end_addr, start_port, end_port, kind " - "FROM traffic_selectors, child_config_traffic_selector " - "ON traffic_selectors.oid = child_config_traffic_selector.traffic_selector " - "WHERE child_config_traffic_selector.child_cfg = ?;", - -1, &stmt, NULL) == SQLITE_OK && - sqlite3_bind_int(stmt, 1, id) == SQLITE_OK) - { - while (sqlite3_step(stmt) == SQLITE_ROW) - { - traffic_selector_t *ts; - bool local = FALSE; - enum { - TS_LOCAL = 0, - TS_REMOTE = 1, - TS_LOCAL_DYNAMIC = 2, - TS_REMOTE_DYNAMIC = 3, - } kind; - - kind = sqlite3_column_int(stmt, 6); - switch (kind) - { - case TS_LOCAL: - local = TRUE; - /* FALL */ - case TS_REMOTE: - ts = traffic_selector_create_from_string( - sqlite3_column_int(stmt, 1), /* protocol */ - sqlite3_column_int(stmt, 0), /* type */ - (char*)sqlite3_column_text(stmt, 2), /* from addr */ - sqlite3_column_int(stmt, 4), /* from port */ - (char*)sqlite3_column_text(stmt, 3), /* to addr */ - sqlite3_column_int(stmt, 5)); /* to port */ - break; - case TS_LOCAL_DYNAMIC: - local = TRUE; - /* FALL */ - case TS_REMOTE_DYNAMIC: - ts = traffic_selector_create_dynamic( - sqlite3_column_int(stmt, 1), /* protocol */ - sqlite3_column_int(stmt, 0), /* type */ - sqlite3_column_int(stmt, 4), /* from port */ - sqlite3_column_int(stmt, 5)); /* to port */ - break; - default: - continue; - } - if (ts) - { - child_cfg->add_traffic_selector(child_cfg, local, ts); - } - } - } - sqlite3_finalize(stmt); -} - -/** - * add childrens belonging to config with "id" to "peer_cfg" - */ -static void add_children(private_sqlite_backend_t *this, peer_cfg_t *peer_cfg, int id) -{ - sqlite3_stmt *stmt; - child_cfg_t 
*child_cfg; - - if (sqlite3_prepare_v2(this->db, - "SELECT child_configs.oid, name, updown, hostaccess, mode, " - "lifetime, rekeytime, jitter " - "FROM child_configs, peer_config_child_config " - "ON child_configs.oid = peer_config_child_config.child_cfg " - "WHERE peer_config_child_config.peer_cfg = ?;", - -1, &stmt, NULL) == SQLITE_OK && - sqlite3_bind_int(stmt, 1, id) == SQLITE_OK) - { - while (sqlite3_step(stmt) == SQLITE_ROW) - { - child_cfg = child_cfg_create( - (char*)sqlite3_column_text(stmt, 1), /* name */ - sqlite3_column_int(stmt, 5), /* lifetime */ - sqlite3_column_int(stmt, 6), /* rekeytime */ - sqlite3_column_int(stmt, 7), /* jitter */ - (char*)sqlite3_column_text(stmt, 2), /* updown */ - sqlite3_column_int(stmt, 3), /* hostaccess */ - sqlite3_column_int(stmt, 4)); /* mode */ - add_ts(this, child_cfg, sqlite3_column_int(stmt, 0)); - child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP)); - peer_cfg->add_child_cfg(peer_cfg, child_cfg); - } - } - sqlite3_finalize(stmt); -} - -/** - * processing function for get_peer_cfg and get_peer_cfg_by_name - */ -static peer_cfg_t *process_peer_cfg_row(private_sqlite_backend_t *this, - sqlite3_stmt *stmt) -{ - host_t *local_host, *remote_host, *local_vip = NULL, *remote_vip = NULL; - identification_t *local_id, *remote_id; - peer_cfg_t *peer_cfg; - ike_cfg_t *ike_cfg; - - local_host = host_create_from_string((char*)sqlite3_column_text(stmt, 17), IKEV2_UDP_PORT); - remote_host = host_create_from_string((char*)sqlite3_column_text(stmt, 18), IKEV2_UDP_PORT); - if (sqlite3_column_text(stmt, 15)) - { - local_vip = host_create_from_string((char*)sqlite3_column_text(stmt, 15), 0); - } - if (sqlite3_column_text(stmt, 16)) - { - remote_vip = host_create_from_string((char*)sqlite3_column_text(stmt, 16), 0); - } - local_id = identification_create_from_string((char*)sqlite3_column_text(stmt, 2)); - remote_id = identification_create_from_string((char*)sqlite3_column_text(stmt, 3)); - if (local_host && 
remote_host && local_id && remote_id) - { - ike_cfg = ike_cfg_create(sqlite3_column_int(stmt, 19), FALSE, - local_host, remote_host); - ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); - peer_cfg = peer_cfg_create( - (char*)sqlite3_column_text(stmt, 1), /* name */ - 2, ike_cfg, local_id, remote_id, NULL, NULL, linked_list_create(), - sqlite3_column_int(stmt, 4), /* cert_policy */ - sqlite3_column_int(stmt, 5), /* auth_method */ - sqlite3_column_int(stmt, 6), 0 /* eap_type, vendor */ - sqlite3_column_int(stmt, 7), /* keyingtries */ - sqlite3_column_int(stmt, 8), /* rekey_time */ - sqlite3_column_int(stmt, 9), /* reauth_time */ - sqlite3_column_int(stmt, 10), /* jitter_time */ - sqlite3_column_int(stmt, 11), /* over_time */ - sqlite3_column_int(stmt, 14), /* mobike */ - sqlite3_column_int(stmt, 12), /* dpd_delay */ - sqlite3_column_int(stmt, 13), /* dpd_action */ - local_vip, remote_vip, FALSE, NULL, NULL); - add_children(this, peer_cfg, sqlite3_column_int(stmt, 0)); - return peer_cfg; - } - - DESTROY_IF(local_host); - DESTROY_IF(remote_host); - DESTROY_IF(local_id); - DESTROY_IF(remote_id); - DESTROY_IF(local_vip); - DESTROY_IF(remote_vip); - return NULL; -} - -/** - * implements backend_t.get_peer_cfg. - */ -static peer_cfg_t *get_peer_cfg(private_sqlite_backend_t *this, - identification_t *my_id, identification_t *other_id, - ca_info_t *other_ca_info) -{ - sqlite3_stmt *stmt; - char local[256], remote[256]; - peer_cfg_t *peer_cfg = NULL; - - snprintf(local, sizeof(local), "%D", my_id); - snprintf(remote, sizeof(remote), "%D", other_id); - - if (sqlite3_prepare_v2(this->db, - "SELECT peer_configs.oid, name, local_id, remote_id, cert_policy, " - "auth_method, eap_type, keyingtries, " - "rekey_time, reauth_time, jitter_time, over_time, " - "dpd_delay, dpd_action, mobike, local_vip, remote_vip, " - "local, remote, certreq " - "FROM peer_configs, ike_configs " - "ON peer_configs.ike_cfg = ike_configs.oid " - "WHERE local_id = ? 
and remote_id = ?;", -1, &stmt, NULL) == SQLITE_OK && - sqlite3_bind_text(stmt, 1, local, -1, SQLITE_STATIC) == SQLITE_OK && - sqlite3_bind_text(stmt, 2, remote, -1, SQLITE_STATIC) == SQLITE_OK && - sqlite3_step(stmt) == SQLITE_ROW) - { - peer_cfg = process_peer_cfg_row(this, stmt); - } - sqlite3_finalize(stmt); - return peer_cfg; -} - -/** - * implements backend_t.get_peer_cfg_by_name. - */ -static peer_cfg_t *get_peer_cfg_by_name(private_sqlite_backend_t *this, char *name) -{ - sqlite3_stmt *stmt; - peer_cfg_t *peer_cfg = NULL; - - if (sqlite3_prepare_v2(this->db, - "SELECT peer_configs.oid, name, local_id, remote_id, cert_policy, " - "auth_method, eap_type, keyingtries, lifetime, rekeytime, jitter, " - "dpd_delay, dpd_action, reauth, mobike, local_vip, remote_vip, " - "local, remote, certreq " - "FROM peer_configs, ike_configs " - "ON peer_configs.ike_cfg = ike_configs.oid " - "WHERE name = ? ;", -1, &stmt, NULL) == SQLITE_OK && - sqlite3_bind_text(stmt, 1, name, -1, SQLITE_STATIC) == SQLITE_OK && - sqlite3_step(stmt) == SQLITE_ROW) - { - peer_cfg = process_peer_cfg_row(this, stmt); - } - sqlite3_finalize(stmt); - return peer_cfg; -} - -/** - * Implementation of backend_t.is_writable. - */ -static bool is_writeable(private_sqlite_backend_t *this) -{ - return FALSE; -} - -/** - * Implementation of backend_t.destroy. - */ -static void destroy(private_sqlite_backend_t *this) -{ - sqlite3_close(this->db); - free(this); -} - -/** - * Described in header. 
- */ -backend_t *backend_create(void) -{ - private_sqlite_backend_t *this = malloc_thing(private_sqlite_backend_t); - - this->public.backend.get_ike_cfg = (ike_cfg_t* (*)(backend_t*, host_t*, host_t*))get_ike_cfg; - this->public.backend.get_peer_cfg = (peer_cfg_t* (*)(backend_t*,identification_t*,identification_t*,ca_info_t*))get_peer_cfg; - this->public.backend.get_peer_cfg_by_name = (peer_cfg_t* (*)(backend_t*,char*))get_peer_cfg_by_name; - this->public.backend.is_writeable = (bool(*) (backend_t*))is_writeable; - this->public.backend.destroy = (void (*)(backend_t*))destroy; - - if (sqlite3_open(IPSEC_DIR "/manager.db", &this->db) != SQLITE_OK) - { - DBG1(DBG_CFG, "opening SQLite database '" IPSEC_DIR "/manager.db' failed."); - destroy(this); - return NULL; - } - - return &this->public.backend; -} - diff --git a/src/charon/config/backends/sqlite_backend.h b/src/charon/config/backends/sqlite_backend.h deleted file mode 100644 index 4bc146583..000000000 --- a/src/charon/config/backends/sqlite_backend.h +++ /dev/null 
@@ -1,58 +0,0 @@
-/**
- * @file sqlite_backend.h
- *
- * @brief Interface of sqlite_backend_t.
- *
- */
-
-/*
- * Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef SQLITE_BACKEND_H_
-#define SQLITE_BACKEND_H_
-
-typedef struct sqlite_backend_t sqlite_backend_t;
-
-#include <library.h>
-
-#include "backend.h"
-
-/**
- * @brief An SQLite based configuration backend.
- *
- * @b Constructors:
- * - sqlite_backend_create()
- *
- * @ingroup backends
- */
-struct sqlite_backend_t {
-
- /**
- * Implements backend_t interface
- */
- backend_t backend;
-};
-
-/**
- * @brief Create a backend_t instance implemented as sqlite backend.
- *
- * @return backend instance
- *
- * @ingroup backends
- */
-backend_t *backend_create(void);
-
-#endif /* SQLITE_BACKEND_H_ */
-
diff --git a/src/charon/config/backends/writeable_backend.h b/src/charon/config/backends/writeable_backend.h
deleted file mode 100644
index ea62f62c9..000000000
--- a/src/charon/config/backends/writeable_backend.h
+++ /dev/null
@@ -1,64 +0,0 @@
-/**
- * @file writeable_backend.h
- *
- * @brief Interface of writeable_backend_t.
- *
- */
-
-/*
- * Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef WRITEABLE_BACKEND_H_
-#define WRITEABLE_BACKEND_H_
-
-typedef struct writeable_backend_t writeable_backend_t;
-
-#include <library.h>
-#include <config/backends/backend.h>
-
-/**
- * @brief A writeable backend extends backend_t by modification functions.
- *
- * @b Constructors:
- * - writeable_backend_create()
- *
- * @ingroup backends
- */
-struct writeable_backend_t {
-
- /**
- * Implements backend_t interface
- */
- backend_t backend;
-
- /**
- * @brief Add a peer_config to the backend.
- *
- * @param this calling object
- * @param config peer_config to add to the backend
- */
- void (*add_cfg)(writeable_backend_t *this, peer_cfg_t *config);
-
- /**
- * @brief Create an iterator over all peer configs.
- *
- * @param this calling object
- * @return iterator over peer configs
- */
- iterator_t* (*create_iterator)(writeable_backend_t *this);
-};
-
-#endif /* WRITEABLE_BACKEND_H_ */
-
|